Skip to content

build(deps): bump the npm_and_yarn group with 18 updates #50

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps): bump the npm_and_yarn group with 18 updates #50

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Apr 30, 2025

Bumps the npm_and_yarn group with 18 updates:

Package From To
next 12.2.5 14.2.26
@babel/traverse 7.18.11 removed
interchain 1.3.0 1.10.4
base-x 3.0.9 3.0.11
braces 3.0.2 3.0.3
crypto-js 4.1.1 4.2.0
elliptic 6.5.4 6.6.1
get-func-name 2.0.0 2.0.2
micromatch 4.0.5 4.0.8
nanoid 3.3.3 removed
mocha 10.2.0 10.8.2
postcss 8.4.14 8.4.31
protobufjs 6.11.3 6.11.4
@cosmos-kit/keplr 0.33.18 2.15.0
semver 6.3.0 7.7.1
serialize-javascript 6.0.0 6.0.2
word-wrap 1.2.3 1.2.5
ws 7.5.9 7.5.10

Updates next from 12.2.5 to 14.2.26

Release notes

Sourced from next's releases.

v14.2.26

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • Match subrequest handling for edge and node (#77476)

v14.2.25

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary. This release contains a security patch for CVE-2025-29927.

Core Changes

  • Update middleware request header (#77202)

Credits

Huge thanks to @​ijjk for helping!

v13.5.11

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • Lock swc binaries version

v13.5.10

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • Match subrequest handling for edge and node

v13.5.9

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary. This release contains a security patch for CVE-2025-29927.

Core Changes

  • [backport] middleware subrequest patch (#77418)

v12.3.7

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

... (truncated)

Commits

Removes @babel/traverse

Updates interchain from 1.3.0 to 1.10.4

Commits
Maintainer changes

This version was pushed to npm by zetazz, a new releaser for interchain since your current version.


Updates base-x from 3.0.9 to 3.0.11

Commits

Updates braces from 3.0.2 to 3.0.3

Commits

Updates crypto-js from 4.1.1 to 4.2.0

Commits

Updates elliptic from 6.5.4 to 6.6.1

Commits

Updates get-func-name from 2.0.0 to 2.0.2

Release notes

Sourced from get-func-name's releases.

v2.0.2

What's Changed

Revert previous changes that shipped this as an ES module.

Full Changelog: https://github.com/chaijs/get-func-name/commits/v2.0.2

v2.0.1

What's Changed

Fix GHSA-4q6p-r6v2-jvc5

Full Changelog: https://github.com/chaijs/get-func-name/commits/v2.0.1

Commits
Maintainer changes

This version was pushed to npm by keithamus, a new releaser for get-func-name since your current version.


Updates micromatch from 4.0.5 to 4.0.8

Release notes

Sourced from micromatch's releases.

4.0.8

Ultimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We consider the issues low-priority, so even if you see automated scanners saying otherwise, don't be scared.

Changelog

Sourced from micromatch's changelog.

[4.0.8] - 2024-08-22

[4.0.7] - 2024-05-22

  • this is basically v4.0.5, with some README updates
  • it is vulnerable to CVE-2024-4067
  • Updated braces to v3.0.3 to avoid CVE-2024-4068
  • does NOT break API compatibility

[4.0.6] - 2024-05-21

  • Added hasBraces to check if a pattern contains braces.
  • Fixes CVE-2024-4067
  • BREAKS API COMPATIBILITY
  • Should be labeled as a major release, but it's not.
Commits

Removes nanoid

Updates mocha from 10.2.0 to 10.8.2

Release notes

Sourced from mocha's releases.

v10.8.2

10.8.2 (2024-10-30)

🩹 Fixes

  • support errors with circular dependencies in object values with --parallel (#5212) (ba0fefe)
  • test link in html reporter (#5224) (f054acc)

📚 Documentation

  • indicate 'exports' interface does not work in browsers (#5181) (14e640e)

🧹 Chores

  • fix docs builds by re-adding eleventy and ignoring gitignore again (#5240) (881e3b0)

🤖 Automation

  • deps: bump the github-actions group with 1 update (#5132) (e536ab2)

v10.8.1

10.8.1 (2024-10-29)

🩹 Fixes

v10.8.0

10.8.0 (2024-10-29)

🌟 Features

🩹 Fixes

📚 Documentation

... (truncated)

Changelog

Sourced from mocha's changelog.

10.8.2 (2024-10-30)

🩹 Fixes

  • support errors with circular dependencies in object values with --parallel (#5212) (ba0fefe)
  • test link in html reporter (#5224) (f054acc)

📚 Documentation

  • indicate 'exports' interface does not work in browsers (#5181) (14e640e)

🧹 Chores

  • fix docs builds by re-adding eleventy and ignoring gitignore again (#5240) (881e3b0)

🤖 Automation

  • deps: bump the github-actions group with 1 update (#5132) (e536ab2)

10.8.1 (2024-10-29)

🩹 Fixes

10.8.0 (2024-10-29)

🌟 Features

🩹 Fixes

📚 Documentation

🧹 Chores

  • fix npm scripts on windows (#5219) (1173da0)
  • remove trailing whitespace in SECURITY.md (7563e59)

10.7.3 (2024-08-09)

... (truncated)

Commits
  • 05097db chore(main): release 10.8.2 (#5239)
  • 14e640e docs: indicate 'exports' interface does not work in browsers (#5181)
  • 881e3b0 chore: fix docs builds by re-adding eleventy and ignoring gitignore again (#5...
  • f054acc fix: test link in html reporter (#5224)
  • e536ab2 build(deps): bump the github-actions group with 1 update (#5132)
  • ba0fefe fix: support errors with circular dependencies in object values with --parall...
  • f44f71b chore(main): release 10.8.1 (#5238)
  • f72bc17 fix: handle case of invalid package.json with no explicit config (#5198)
  • 68803b6 fix: use accurate test links in HTML reporter (#5228)
  • d8ca270 fix: Typos on mochajs.org (#5237)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by voxpelli, a new releaser for mocha since your current version.


Updates postcss from 8.4.14 to 8.4.31

Release notes

Sourced from postcss's releases.

8.4.31

8.4.30

8.4.29

8.4.28

  • Fixed Root.source.end for better source map (by @​romainmenke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.

8.4.25

8.4.24

  • Fixed Plugin types.

8.4.23

  • Fixed warnings in TypeDoc.

8.4.22

8.4.21

8.4.20

  • Fixed source map generation for childless at-rules like @layer.

8.4.19

  • Fixed whitespace preserving after AST transformations (by @​romainmenke).

8.4.18

  • Fixed an error on absolute: true with empty sourceContent (by @​KingSora).

8.4.17

8.4.16

... (truncated)

Changelog

Sourced from postcss's changelog.

8.4.31

8.4.30

  • Improved source map performance (by Romain Menke).

8.4.29

  • Fixed Node#source.offset (by Ido Rosenthal).
  • Fixed docs (by Christian Oliff).

8.4.28

  • Fixed Root.source.end for better source map (by Romain Menke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.

8.4.25

8.4.24

  • Fixed Plugin types.

8.4.23

  • Fixed warnings in TypeDoc.

8.4.22

  • Fixed TypeScript support with node16 (by Remco Haszing).

8.4.21

  • Fixed Input#error types (by Aleks Hudochenkov).

8.4.20

  • Fixed source map generation for childless at-rules like @layer.

8.4.19

  • Fixed whitespace preserving after AST transformations (by Romain Menke).

8.4.18

  • Fixed an error on absolute: true with empty sourceContent (by Rene Haas).

8.4.17

  • Fixed Node.before() unexpected behavior (by Romain Menke).
  • Added TOC to docs (by Mikhail Dedov).

8.4.16

... (truncated)

Commits

Updates protobufjs from 6.11.3 to 6.11.4

Commits

Updates @cosmos-kit/keplr from 0.33.18 to 2.15.0

Commits
  • 1a2bca9 chore(release): publish
  • 7f84e5c Merge pull request #550 from hyperweb-io/feat/upgrade-react-19
  • dc9bd3d chore: lockfile
  • 93f84bc test: run fail
  • 551feeb refactor: example apps
  • a9dd023 feat: upgrade react 19
  • 128db0a Merge pull request #541 from hexxagon-io/main
  • fe70f5e Merge branch 'hyperweb-io:main' into main
  • 0e5b3ab refactored formatNativeUrl for Galaxy Station mobile
  • 37ec0fe Merge pull request #540 from volkavich/fix/galaxystation-syntax
  • Additional commits viewable in compare view

Updates semver from 6.3.0 to 7.7.1

Release notes

Sourced from semver's releases.

v7.7.1

7.7.1 (2025-02-03)

Bug Fixes

v7.7.0

7.7.0 (2025-01-29)

Features

Bug Fixes

Documentation

Chores

v7.6.3

7.6.3 (2024-07-16)

Bug Fixes

Documentation

v7.6.2

7.6.2 (2024-05-09)

Bug Fixes

v7.6.1

7.6.1 (2024-05-04)

Bug Fixes

Dependencies

... (truncated)

Changelog

Sourced from semver's changelog.

7.7.1 (2025-02-03)

Bug Fixes

7.7.0 (2025-01-29)

Features

Bug Fixes

Documentation

Chores

7.6.3 (2024-07-16)

Bug Fixes

Documentation

7.6.2 (2024-05-09)

Bug Fixes

7.6.1 (2024-05-04)

Bug Fixes

Dependencies

Chores

... (truncated)

Commits
  • 30c438b chore: release 7.7.1 (#765)
  • af761c0 fix(inc): fully capture prerelease identifier (#764)
  • 2cfcbb5 chore: release 7.7.0 (#750)
  • d588e37 fix(diff): fix prerelease to stable version diff logic (#755)
  • 753e02b chore: bump @​npmcli/template-oss from 4.23.3 to 4.23.4 (#747)
  • 8a34bde fix: add identifier validation to inc() (#754)
  • 0864b3c feat: add "release" inc type (#753)
  • 67e5478 docs(readme): added missing period for consistency (#756)
  • 868d4bb docs: clarify comment about obsolete prefixes (#749)
  • 145c554 chore: bump @​npmcli/eslint-config from 4.0.5 to 5.0.0
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by npm-cli-ops, a new releaser for semver since your current version.


Updates serialize-javascript from 6.0.0 to 6.0.2

Release notes

Sourced from serialize-javascript's releases.

v6.0.2

  • fix: serialize URL string contents to prevent XSS (#173) f27d65d
  • Bump @​babel/traverse from 7.10.1 to 7.23.7 (#171) 02499c0
  • docs: update readme with URL support (#146) 0d88527
  • chore: update node version and lock file e2a3a91
  • fix typo (#164) 5a1fa64

yahoo/serialize-javascript@v6.0.1...v6.0.2

v6.0.1

What's Changed

New Contributors

Full Changelog: yahoo/serialize-javascript@v6.0.0...v6.0.1

Commits

Updates word-wrap from 1.2.3 to 1.2.5

Release notes

Sourced from word-wrap's releases.

1.2.5

Changes:

Reverts default value for options.indent to two spaces ' '.

Full Changelog: jonschlinkert/word-wrap@1.2.4...1.2.5

1.2.4

What's Changed

@dependabot
build(deps): bump the npm_and_yarn group with 18 updates
0f0a663 
Bumps the npm_and_yarn group with 18 updates:

| Package | From | To |
| --- | --- | --- |
| [next](https://github.com/vercel/next.js) | `12.2.5` | `14.2.26` |
| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.18.11` | `removed` |
| [interchain](https://github.com/cosmology-tech/interchain) | `1.3.0` | `1.10.4` |
| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.9` | `3.0.11` |
| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |
| [crypto-js](https://github.com/brix/crypto-js) | `4.1.1` | `4.2.0` |
| [elliptic](https://github.com/indutny/elliptic) | `6.5.4` | `6.6.1` |
| [get-func-name](https://github.com/chaijs/get-func-name) | `2.0.0` | `2.0.2` |
| [micromatch](https://github.com/micromatch/micromatch) | `4.0.5` | `4.0.8` |
| [nanoid](https://github.com/ai/nanoid) | `3.3.3` | `removed` |
| [mocha](https://github.com/mochajs/mocha) | `10.2.0` | `10.8.2` |
| [postcss](https://github.com/postcss/postcss) | `8.4.14` | `8.4.31` |
| [protobufjs](https://github.com/protobufjs/protobuf.js) | `6.11.3` | `6.11.4` |
| [@cosmos-kit/keplr](https://github.com/hyperweb-io/cosmos-kit) | `0.33.18` | `2.15.0` |
| [semver](https://github.com/npm/node-semver) | `6.3.0` | `7.7.1` |
| [serialize-javascript](https://github.com/yahoo/serialize-javascript) | `6.0.0` | `6.0.2` |
| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |
| [ws](https://github.com/websockets/ws) | `7.5.9` | `7.5.10` |


Updates `next` from 12.2.5 to 14.2.26
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v12.2.5...v14.2.26)

Removes `@babel/traverse`

Updates `interchain` from 1.3.0 to 1.10.4
- [Commits](https://github.com/cosmology-tech/interchain/commits)

Updates `base-x` from 3.0.9 to 3.0.11
- [Commits](cryptocoinjs/base-x@v3.0.9...v3.0.11)

Updates `braces` from 3.0.2 to 3.0.3
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

Updates `crypto-js` from 4.1.1 to 4.2.0
- [Commits](brix/crypto-js@4.1.1...4.2.0)

Updates `elliptic` from 6.5.4 to 6.6.1
- [Commits](indutny/elliptic@v6.5.4...v6.6.1)

Updates `get-func-name` from 2.0.0 to 2.0.2
- [Release notes](https://github.com/chaijs/get-func-name/releases)
- [Commits](https://github.com/chaijs/get-func-name/commits/v2.0.2)

Updates `micromatch` from 4.0.5 to 4.0.8
- [Release notes](https://github.com/micromatch/micromatch/releases)
- [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md)
- [Commits](micromatch/micromatch@4.0.5...4.0.8)

Removes `nanoid`

Updates `mocha` from 10.2.0 to 10.8.2
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md)
- [Commits](mochajs/mocha@v10.2.0...v10.8.2)

Updates `postcss` from 8.4.14 to 8.4.31
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.4.14...8.4.31)

Updates `protobufjs` from 6.11.3 to 6.11.4
- [Release notes](https://github.com/protobufjs/protobuf.js/releases)
- [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/protobufjs/protobuf.js/commits)

Updates `@cosmos-kit/keplr` from 0.33.18 to 2.15.0
- [Commits](https://github.com/hyperweb-io/cosmos-kit/compare/@cosmos-kit/keplr@0.33.18...@cosmos-kit/keplr@2.15.0)

Updates `semver` from 6.3.0 to 7.7.1
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v6.3.0...v7.7.1)

Updates `serialize-javascript` from 6.0.0 to 6.0.2
- [Release notes](https://github.com/yahoo/serialize-javascript/releases)
- [Commits](yahoo/serialize-javascript@v6.0.0...v6.0.2)

Updates `word-wrap` from 1.2.3 to 1.2.5
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5)

Updates `ws` from 7.5.9 to 7.5.10
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@7.5.9...7.5.10)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 14.2.26
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@babel/traverse"
  dependency-version: 
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: interchain
  dependency-version: 1.10.4
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: base-x
  dependency-version: 3.0.11
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: braces
  dependency-version: 3.0.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: crypto-js
  dependency-version: 4.2.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: elliptic
  dependency-version: 6.6.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: get-func-name
  dependency-version: 2.0.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: micromatch
  dependency-version: 4.0.8
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: nanoid
  dependency-version: 
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: mocha
  dependency-version: 10.8.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: postcss
  dependency-version: 8.4.31
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: protobufjs
  dependency-version: 6.11.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@cosmos-kit/keplr"
  dependency-version: 2.15.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: semver
  dependency-version: 7.7.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: serialize-javascript
  dependency-version: 6.0.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: word-wrap
  dependency-version: 1.2.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ws
  dependency-version: 7.5.10
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Apr 30, 2025

Labels

The following labels could not be found: T:dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Apr 30, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@RollkitBot RollkitBot requested review from a team, tuxcanfly, gupadhyaya and Manav-Aggarwal and removed request for a team April 30, 2025 17:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tuxcanfly tuxcanfly Awaiting requested review from tuxcanfly tuxcanfly was automatically assigned from rollkit/core

@gupadhyaya gupadhyaya Awaiting requested review from gupadhyaya gupadhyaya was automatically assigned from rollkit/core

@Manav-Aggarwal Manav-Aggarwal Awaiting requested review from Manav-Aggarwal Manav-Aggarwal was automatically assigned from rollkit/core

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants